Security Chaos Engineering: From Theory to Practice • Jamie Dicken • GOTO 202121:09 503 views 92% Published a month ago
This presentation was recorded at GOTOpia Chaos Engineering Day 2021. #GOTOcon #GOTOpia
Jamie Dicken - Cybersecurity People Leader
ORIGINAL TALK TITLE
Security Chaos Engineering: Pushing Security from Theory to Practice
Our security programs are full of assumptions. We believe that engineers implement all security requirements without error before deploying systems to production. We take for granted that the security solutions we purchase and implement actually protect our applications, infrastructure, and data. The ultimate effectiveness of a security program, however, cannot rely on assumptions. Mistakes, accidents, and misconfigurations weaken the best-designed security solutions, architectural patterns, and technical designs, leaving our companies vulnerable to breaches.
The application of Chaos Engineering to the security domain proves to be the logical solution to this problem. By testing and validating our own systems, we can tease out false assumptions, proactively identify opportunities for security hardening or remediation, and fix them before an adversary exploits them.
In this session, we will discuss the principles of Security Chaos Engineering and share the real-life story of establishing the practice at Cardinal Health – a Fortune 20 healthcare company. We will also show you how you can do the same – regardless of your organization’s size, scale, industry, or cybersecurity [...]
02:03 Reality check
07:25 Security chaos engineering basics
13:08 Real-world implementation
17:30 How to get started
10:15 Impact of security chaos engineering
Read the full abstract here:
#Security #ChaosEngineering #SecurityChaosEngineering #Programming #ContinuousVerification #ContinuousValidation
Looking for a unique learning experience?
Attend the next GOTO conference near you! Get your ticket at https://gotopia.tech
SUBSCRIBE TO OUR CHANNEL - new videos posted almost daily.